Non-repudiation watermarking protection based on public and private keys

ABSTRACT

A system for creating non-repudiation (undeniable) watermarks, wherein a content provider uses outside distribution entities to distribute media content supplied by the content provider. Content watermarked by a distribution entity using this system is undeniably recognizable by the content provider as originating with that particular distribution entity. In other words, given N distribution entities, the content provider is able to tell which particular distribution entity watermarked the media content. The system does not allow any distribution entity to watermark media content so that would appear to have been watermarked by another distribution entity and the system does also not allow the content provider to watermark media content so that would appear to have been watermarked by a particular distribution entity. Consequently, this allows the content provider to place a high degree of trust in the identification of the distribution entity by means of the watermark.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application claims the benefit under 35 U.S.C. §119(e) ofcommonly-assigned U.S. Provisional Patent Application Ser. No.60/376,212, filed Apr. 29, 2002, by Troy Rockwood and Wengsheng Zhou,and entitled “NON-REPUDIATION WATERMARKING PROTECTION APPARATUS ANDMETHOD BASED ON PUBLIC AND PRIVATE KEY,” which application isincorporated by reference herein.

This application is related to the following co-pending andcommonly-assigned patent applications:

U.S. Utility patent application Ser. No. 10/419,490, filed on Apr. 21,2003, by Ismael Rodriguez, entitled WATERMARKS FOR SECURE DISTRIBUTIONOF DIGITAL DATA, which application claims the benefit under 35 U.S.C.§119(e) of commonly-assigned U.S. Provisional Patent Application Ser.No. 60/376,106, filed Apr. 29, 2002, by Ismael Rodriguez, entitledWATERMARK SCHEME FOR SECURE DISTRIBUTION OP DIGITAL IMAGES AND VIDEO,

U.S. Utility patent application Ser. No. 10/419,491, filed on Apr. 21,2003, by Ismael Rodriguez, entitled VISIBLE WATERMARK TO PROTECT MEDIACONTENT FROM A SERVER TO PROJECTOR, which application claims the benefitunder 35 U.S.C. §119(e) of commonly-assigned U.S. Provisional PatentApplication Ser. No. 60/376,303, filed Apr. 29, 2002, by IsmaelRodriguez, entitled VISIBLE WATERMARK TO PROTECT MEDIA CONTENT FROM ASERVER TO PROJECTOR, and

U.S. Utility patent application Ser. No. 10/419,495, filed on Apr. 21,2003, by Wensheng Zhou and Phoom Sagetong, entitled DYNAMIC WAVELETFEATURE-BASED WATERMARK, which application claims the benefit under 35U.S.C. §119(e) of commonly-assigned U.S. Provisional Patent ApplicationSer. No. 60/376,092, filed Apr. 29, 2002, by Wensheng Zhou and PhoomSagetong, entitled DYNAMIC WAVELET FEATURE-BASED WATERMARK APPARATUS ANDMETHOD FOR DIGITAL MOVIES IN DIGITAL CINEMA, all of which applicationsare incorporated by reference herein.

BACKGROUND OF THE INVENTION

1. Field of the Invention

The invention relates to the field of digital watermarks, and moreparticularly, to non-repudiation watermarking protection based on publicand private keys.

2. Description of the Related Art

With the recent growth of networked multimedia systems, techniques areneeded to prevent (or at least deter) the illegal copying, forgery anddistribution of media content, such as digital audio, images and video.Many approaches are available for protecting digital data; these includeencryption, authentication and time stamping. It is also desirable todetermine where and by how much the digital data has been changed fromthe original.

One way to improve a claim of ownership over digital data, for instance,is to embed a low-level signal or structure directly into the digitaldata. For example, a digital watermark uniquely identifies the owner andcan be easily extracted from the digital data. If the digital data iscopied and distributed, the watermark is distributed along with thedata. This is in contrast to the (easily removed) ownership informationfields allowed by the MPEG-2 syntax.

Most digital watermark schemes depend on a trusted third party to verifythe authenticity of the watermark. The services of the trusted thirdparty may be employed for storing digital watermark keys in escrow,wherein the keys are presented upon demand if there is a dispute. See,for example, D. Augot, J-M. Boucueau, J. F. Delaigle, C. Fontaine, andE. Goray, “Secure Delivery of Images over Open Networks,” Proceedings ofthe IEEE, Vol. 87, No. 7, July 1999, which publication is incorporatedby reference herein.

However, situations may arise, particularly where the value of the mediacontent is very high, where a trusted third party cannot be found, atleast not one that can be trusted by both parties. There is a need inthe art, then, for systems that do not require a trusted third party forwatermark key escrow. Specifically, there is a need in the art fordigital watermarks that are non-repudiation watermarks and where thesource of the embedded watermark can be accurately traced.

SUMMARY OF THE INVENTION

The present invention describes a system for creating non-repudiation(undeniable) watermarks, wherein a content provider uses outsidedistribution entities to distribute media content supplied by thecontent provider. Media content watermarked by a distribution entityusing this system is undeniably recognizable by the content provider asoriginating with that particular distribution entity. In other words,given N distribution entities, the content provider is able to tellwhich particular distribution entity watermarked the media content. Thesystem does not allow any distribution entity to watermark media contentso that would appear to have been watermarked by another distributionentity and the system does also not allow the content provider towatermark media content so that would appear to have been watermarked bya particular distribution entity. Consequently, this allows the contentprovider to place a high degree of trust in the identification of thedistribution entity by means of the watermark.

BRIEF DESCRIPTION OF THE DRAWINGS

Referring now to the drawings in which like reference numbers representcorresponding parts throughout:

FIGS. 1A and 1B depict a top-level functional block diagram of oneembodiment of a media content distribution system according to thepreferred embodiment of the present invention;

FIG. 2 is a dataflow diagram that illustrates the data flow of thenon-repudiation watermark scheme according to the preferred embodimentof the present invention;

FIG. 3 is a flowchart that further illustrates the steps performed inthe watermark casting process according to the preferred embodiment ofthe present invention; and

FIG. 4 is a flowchart that illustrates the steps of the watermarkdetection process performed by the content provider according to thepreferred embodiment of the present invention.

DETAILED DESCRIPTION OF THE INVENTION

In the following description of the preferred embodiment, reference ismade to the accompanying drawings which form a part hereof, and in whichis shown by way of illustration a specific embodiment in which theinvention may be practiced. It is to be understood that otherembodiments may be utilized and structural changes may be made withoutdeparting from the scope of the present invention.

Overview

In a non-repudiation watermark scheme according to the preferredembodiment of the present invention, a content provider provides mediacontent to a distribution entity. The content provider also generates anonce, which is a pseudo-random value, and provides the nonce to thedistribution entity. The distribution entity generates a public andprivate key pair (known as the watermark pair), and the private key ofthe watermark pair is used by the distribution entity to encrypt thenonce, wherein the encrypted nonce is known as a watermark key. Themedia content is then watermarked using the watermark key. The publickey of the watermark pair is provided by the distribution entity to thecontent provider, along with additional information that identifies alocation of the watermark in the watermarked media content. Theadditional information is used by the content provider to extract thewatermark key from the watermarked media content, and the public key ofthe watermark pair is used by the content provider to decrypt the noncefrom the extracted watermark key. In this manner, the content providercan determine which distribution entity watermarked the media content,if any.

Although there are many uses for this technology, it is especiallyapplicable to forensic analysis relating to the distribution of mediacontent in a media content distribution system. In such a system, mediacontent must be kept secret and not be distributed except when accountedfor by the system. Should the media content “leak” and becomeuncontrolled, it is desirable to locate the source of the leak, so thatcorrective action (legal and/or technical) can be taken.

Hardware Environment

FIGS. 1A and 1B depict a top-level functional block diagram of oneembodiment of a media content distribution system 100. The media contentdistribution system 100 comprises a content provider 102, a protectionentity 104, a distribution entity 106 and one or morepresentation/displaying entities 108. The content provider 102 providesmedia content 110 such as audiovisual material to the protection entity104. The media content 110, which can be in digital or analog form, canbe transmitted in electronic form via the Internet, by dedicated landline, broadcast, or by physical delivery of a physical embodiment of themedia (e.g. a celluloid film strip, optical or magnetic disk/tape).Content can also be provided to the protection entity 104 from a securearchive facility 112.

The media content 110 may be telecined by processor 114 to format themedia content as desired. The telecine process can take place at thecontent provider 102, the protection entity 104, or a third party.

The protection entity 104 may include a media preparation processor 116.In one embodiment, the media preparation processor 116 includes acomputer system such as a server, having a processor 118 and a memory120 communicatively coupled thereto. The protection entity 104 furtherprepares the media content 110. Such preparation may include addingprotection to the media content 110 to prevent piracy of the mediacontent 110. For example, the preparation processor 116 can perform awatermarking process 122, apply a compression process 124, and/orperform an encrypting process 126 on the media content 110 to protectit, resulting in output digital data 128. Thus, the output digital data128 may contain one or more data streams that has been watermarked,compressed and/or encrypted.

Once prepared, the output digital data 128 can be transferred to thedistribution entity 106 via digital transmission, tape or disk (e.g.,CD-ROM, DVD, etc.). Moreover, the output digital data 128 can also bearchived in a data vault facility 130 until it is needed.

Although illustrated as separate entities, the protection entity 104 canbe considered as part of the distribution entity 106 in the preferredembodiment and is communicatively positioned between the contentprovider 102 and the distribution entity 106. This configurationameliorates some of the security concerns regarding the transmission ofthe output digital data 128 between the protection entity 104 and thedistribution entity 106. In alternative embodiments, however, theprotection entity 104 could be part of the content provider 102 ordisplaying entity 108. Moreover, in alternative embodiments, theprotection entity 104 could be positioned between the distributionentity 106 and the displaying entity 108. Indeed, it should beunderstood that the protection entity 104, and the functions that itperforms, may be employed whenever and wherever the media content movesfrom one domain of control to another (for example, from the copyrightholder to the content provider 102, from the content provider 102 to thedistribution entity 106, or from the distribution entity 106 to thedisplay entity 108).

The distribution entity 106 includes a conditional access managementsystem (CAMS) 132, that accepts the output digital data 128, anddetermines whether access permissions are appropriate for the outputdigital data 128. Further, CAMS 132 may be responsible for additionalencrypting so that unauthorized access during transmission is prevented.

Once the output digital data 128 is in the appropriate format and accesspermissions have been validated, CAMS 132 provides the output digitaldata 128 to an uplink server 134, ultimately for transmission by uplinkequipment 136 to one or more displaying entities 108, as shown in FIG.1B. This is accomplished by the uplink equipment 136 and uplink antenna138.

In addition or in the alternative to transmission via satellite, theoutput digital data 128 can be provided to the displaying entity 108 viaa forward channel fiber network 140. Additionally, the output digitaldata may be transmitted to displaying entity 108 via a modem 142 using,for example a public switched telephone network line. A land basedcommunication such as through fiber network 140 or modem 142 is referredto as a back channel. Thus, information can be transmitted to and fromthe displaying entity 108 via the back channel or the satellite network.Typically, the back channel provides data communication foradministration functions (e.g. keys, billing, authorization, usagetracking, etc.), while the satellite network provides for transfer ofthe output digital data 128 to the displaying entities 108.

The output digital data 128 may be securely stored in a database 144.Data is transferred to and from the database 144 under the control andmanagement of the business operations management system (BOMS) 146.Thus, the BOMS 146 manages the transmission of information to 108, andassures that unauthorized transmissions do not take place.

Referring to FIG. 1B, the data transmitted via uplink 148 is received ina satellite 150A, and transmitted to a downlink antenna 152, which iscommunicatively coupled to a satellite or downlink receiver 154.

In one embodiment, the satellite 150A also transmits the data to analternate distribution entity 156 and/or to another satellite 150B viacrosslink 158. Typically, satellite 150B services a differentterrestrial region than satellite 150A, and transmits data to displayingentities 108 in other geographical locations.

A typical displaying entity 108 comprises a modem 160 (and may alsoinclude a fiber receiver 158) for receiving and transmitting informationthrough the back channel (i.e., via an communication path other thanthat provided by the satellite system described above) to and from thedistribution entity 106. For example, feedback information (e.g.relating to system diagnostics, billing, usage and other administrativefunctions) from the exhibitor 108 can be transmitted through the backchannel to the distribution entity 106. The output digital data 128 andother information may be accepted into a processing system 164 (alsoreferred to as a content server). The output digital data 128 may thenbe stored in the storage device 166 for later transmission to displayingsystems (e.g., digital projectors) 168A-168C. Before storage, the outputdigital data 128 can be decrypted to remove transmission encryption(e.g. any encryption applied by the CAMS 132), leaving the encryptionapplied by the preparation processor 116.

When the media content 110 is to be displayed, final decryptiontechniques are used on the output digital data 128 to substantiallyreproduce the original media content 110 in a viewable form which isprovided to one or more of the displaying systems 168A-168C. Forexample, encryption 126 and compression 124 applied by the preparationprocessor 118 is finally removed, however, any latent modification,undetectable to viewers (e.g., the results from the watermarking process122) is left intact. In one or more embodiments, a display processor 170prevents storage of the decrypted media content 110 in any media,whether in the storage device 166 or otherwise. In addition, the mediacontent 110 can be communicated to the displaying systems 168A-168C overan independently encrypted connection, such as on a gigabit LAN 172.

Generally, each of the components of the system 100 comprise hardwareand/or software that is embodied in or retrievable from acomputer-readable device, medium, signal or carrier, e.g., a memory, adata storage device, a remote device coupled to another device, etc.Moreover, this hardware and/or software perform the steps necessary toimplement and/or use the present invention. Thus, the present inventionmay be implemented as a method, apparatus, or article of manufacture.

Of course, those skilled in the art will recognize that manymodifications may be made to the configuration described withoutdeparting from the scope of the present invention. Specifically, thoseskilled in the art will recognize that any combination of the abovecomponents, or any number of different components, may be used toimplement the present invention, so long as similar functions areperformed thereby.

Non-Repudiation of Watermarked Media Content

In using the watermarking process 122 described above, the presentinvention introduces a sequence of steps or functions that provides fornon-repudiation of watermarked media content 110. This is useful whenthe source of the media content 110 needs to be known or proved. Onesuch example is when media content 110 and presentations of that mediacontent 110 must be accounted for, such as with copyrighted mediacontent 110 and where the loss of control of that media content 110could lead to monetary loss on the part of the content provider 102 (whois assumed to also be the copyright owner).

The present invention does not implement any protections to ensure thatthe watermark is applied properly; instead, it is assumed that bothparties (the content provider 102 and the distribution entity 106) havewillingly agreed to follow the procedure as outlined (or are constrainedto do so by contractual or technical restraints). In the case where thedistribution entity 106 or the content provider 102 wishes to “cheat”the other by circumventing the watermarking process 122, other measuresmust be taken to ensure that this is not done. Also, watermark attacksmust also be addressed by the watermarking process 122 directly.

In the present invention, the watermarking process 122 requires the useof public and private key encryption between the content provider 102and the distribution entity 106, wherein the keys are not shared withany other entity. This encryption is central to the identification ofmedia content 110 watermarked by the distribution entities 106, asdescribed in more detail below.

FIG. 2 is a dataflow diagram that illustrates the non-repudiationwatermark scheme according to the preferred embodiment of the presentinvention.

Path 200 represents the content provider 102 sending the media content110 to the distribution entity 106, wherein the distribution entityincludes the protection entity 104. This may be done in a variety ofways including, but not limited to, transmission of the media content110 through a data network, or distribution of the media content 110 onphysical media (for instance, CD-ROMs or DVDs).

Once the media content 110 has been sent to the distribution entity 106,path 202 represents the distribution entity 106 contacting the contentprovider 102. This contact should be authenticated using “strong”authentication techniques.

After authenticating with one another, path 202 represents the contentprovider 102 providing a nonce to the distribution entity 106. A nonceis a pseudo-random value, wherein the content provider 102 generates thenonce, sends it to the distribution entity 106, the distribution entity106 signs (encrypts) the nonce, and the distribution entity 106 thenreturns the encryption key to the content provider 102. This exchangeshould be protected by “strong” encryption techniques.

In the preferred embodiment, the size of the nonce is dictated by thewatermarking algorithm being used. Many different types of watermarkingalgorithms may be used without departing from the scope of the presentinvention. Consequently, many different types of enonces may be used.

In the present invention, the distribution entity 106 generates a publicand private key pair (known as the watermark pair) for encryptionpurposes. Specifically, the distribution entity 106 uses the private keyof the watermark pair to encrypt the nonce received from the contentprovider 102, wherein the encrypted nonce is known as a watermark key.

Path 204 represents the distribution entity 106 providing the mediacontent 110 and the watermark key to the protection entity 104. Thewatermarking process 122 of the protection entity 104 casts or embedsthe watermark in the media content 110 using the watermark key, whichresults in the digital data 128 containing a watermarked copy of themedia content 110.

After the watermark is cast (or before, depending on the type ofwatermark algorithm being used), path 206 represents the distributionentity 106 transmitting the public key of the watermark pair to thecontent provider 102, wherein the public key of the watermark pair issigned (encrypted) by the private key of the distribution entity 106(not the private key of the watermark pair).

The distribution entity 106 also transmits additional information to thecontent provider 102, wherein the additional information allows thecontent provider 102 to extract the watermark key from the digital data128 containing the watermarked copy of the media content 110. Thisadditional information is also known as “location information,” andidentifies where the watermark key is embedded in the watermarked copyof the media content 110, i.e., which sub-bands, features, etc., of themedia content 110.

Path 208 represents the protection entity 104 transmitting the digitaldata 128 containing the watermarked copy of the media content 110 to thedisplaying entity 108.

Finally, path 210 represents the content provider 102 storing the publickey of the watermark pair and the additional information in an archive,such as the archive facility 112, so that the watermark key can beextracted from the digital data 128 containing the watermarked copy ofthe media content 110 at a later time.

Watermark Keys

The watermarking process 122 may use any number of differentwatermarking algorithms. The only qualification is that the watermarkingalgorithms should exhibit the following characteristics.

First, the watermarking algorithm should use a watermark key that can beused as a primary index key (i.e., there is a large number space fromwhere the key is chosen such that no two keys are likely to be identicalif keys are chosen randomly or pseudo-randomly). The watermark keyshould be detectable given information other than the value of thewatermark key itself. Depending on the details of the situation wherethis technology is used, other properties (such as invariance undertransforms) may be desired.

Second, the watermarking algorithm must create a unique watermark foreach distinct watermark key. In this sense, the watermark key must comefrom a large key space.

For example, if the watermark key was only 8 bits in length, then itcould only identify 256 distinct watermarks. In the system 100 describedabove, a large key size, e.g., 64 bits or more, comprises a bettercandidate to prevent accidental matching or key space exhaustion, inorder to identify the media content 110 at each specific distributionentity 106 or displaying entity 108.

Third, the watermarking algorithm must allow blank or semi-blankdetection. In other words, a watermark detection process should be ableto detect the watermark without information or with very limitedinformation.

Last and most importantly, the watermarking algorithm must benon-fragile and robust. Detection of the watermark key requires anretrieval of the embedded watermark from the digital data 128 containingthe watermarked copy of the media content 110.

However, the robustness requirement is in conflict with theblank-detection requirement. Previous studies show that a blank-detectedwatermark is generally not as robust as a non-blank detected watermark.Consequently, the watermark algorithm must strike a reasonable balancebetween robustness and blank detection.

Watermarks that satisfy these requirements are described in co-pendingand commonly-assigned U.S. Utility patent application Ser. No.10/419,495, filed on Apr. 21, 2003, by Wensheng Zhou and Phoom Sagetong,entitled DYNAMIC WAVELET FEATURE-BASED WATERMARK, which applicationclaims the benefit under 35 U.S.C. §119(e) of commonly-assigned U.S.Provisional Patent Application Ser. No. 60/376,092, filed Apr. 29, 2002,by Wensheng Zhou and Phoom Sagetong, entitled DYNAMIC WAVELETFEATURE-BASED WATERMARK APPARATUS AND METHOD FOR DIGITAL MOVIES INDIGITAL CINEMA, both of which applications are incorporated by referenceherein.

Watermark Casting Process

FIG. 3 is a flowchart that further illustrates the steps performed inthe watermark casting process according to the preferred embodiment ofthe present invention.

Block 300 represents the content provider 102 distributing the mediacontent 110 to one or more distribution entities 106.

Block 302 represents the content provider 102 providing a unique nonce(the value 2 in this example) to each distribution entity 106. A uniquenonce may be transmitted to each distribution entity at any granularity,i.e., once per media content 110, once per content provider 102, onceper distribution entity 106, once per displaying entity 108, once perpresentation, etc.

Block 304 represents the nonce being encrypted by the distributionentity 106 using the private key of the watermark pair, wherein theencrypted nonce is the watermark key. In this example, the watermark keyis a binary string “01100101.”

Block 306 represents the watermarking process 122 casting the watermarkin the media content 110 using the watermark key, which results in thedigital data 128 containing the watermarked media content 110.

Finally, Block 308 represents the watermarked media content 110 beingoutput from the watermarking process 112 as the output digital data 128.

Watermark Detection Process

FIG. 4 is a flowchart that illustrates the steps of the watermarkdetection process performed by the content provider 102 according to thepreferred embodiment of the present invention.

Block 400 represents the content provider 102 obtaining a copy of thedigital data 128 containing the watermarked media content 110.

Block 402 represents the content provider 102 obtaining a copy of theadditional information associated with the watermarked media content 110from the archive facility 112.

Block 404 represents the content provider 102 performing a watermarkdetection process, wherein an attempt is made to extract the watermarkkey from the digital data 128 containing the watermarked media content110 using the additional information.

After a candidate watermark key is extracted from the digital data 128containing the watermarked media content 110, Block 406 represents thecontent provider 102 obtaining the public key from the archive facility112.

Block 408 represents the content provider 102 decrypting the nonce fromthe watermark key using the public key.

Block 410 represents the content provider 102 determining whether thewatermark key is a non-reputable watermark key, by comparing the noncedecrypted from the watermark key to the nonce given the distributionentity 106 at the initial exchange (i.e., the value 2 in the aboveexample). If the nonces match, then the content provider 102 hassuccessfully identified the source of the digital data 128 containingthe watermarked media content 110; otherwise, the content provider 102has determined that the digital data 128 containing the watermarkedmedia content 110 is counterfeit (i.e., it has an unrecognizablewatermark).

Note also that some or all of these Blocks may be performed in aniterative manner by the content provider 102, in order to compare thedigital data 128 containing the watermarked media content 110 against aplurality of non-reputable watermark keys, i.e., against a plurality ofnonces generated by the content provider 102. In each iteration, thecontent provider 102 may obtain a copy of the additional informationassociated with a specific version of the watermarked media content 110,attempt to extract a watermark key from the watermarked media content110 using the additional information, obtain a public key associatedwith the specific version of the watermarked media content 110, decryptthe nonce from the watermark key using the public key associated withthe specific version of the watermarked media content 110, and thenmatch the nonce decrypted from the watermark key to the nonce associatedwith the specific version of the watermarked media content 110. If amatch is made, then the source of the watermarked media content 110 issuccessfully identified; if no match is made, then the watermarked mediacontent 110 is counterfeit.

CONCLUSION

This concludes the description of the preferred embodiment of theinvention. The following describes some alternative embodiments foraccomplishing the present invention. For example, many types ofwatermarking and nonces could be used with the present invention. Inaddition, different sequences of exchanging data could be used than thatdescribed herein.

In summary, the present invention discloses a system for creatingnon-repudiation (undeniable) watermarks, wherein a content provider usesoutside distribution entities to distribute media content supplied bythe content provider. Content watermarked by a distribution entity usingthis system is undeniably recognizable by the content provider asoriginating with that particular distribution entity. In other words,given N distribution entities, the content provider is able to tellwhich particular distribution entity watermarked the media content. Thesystem does not allow any distribution entity to watermark media contentso that would appear to have been watermarked by another distributionentity and the system does also not allow the content provider towatermark media content so that would appear to have been watermarked bya particular distribution entity. Consequently, this allows the contentprovider to place a high degree of trust in the identification of thedistribution entity by means of the watermark.

The foregoing description of the preferred embodiment of the inventionhas been presented for the purposes of illustration and description. Itis not intended to be exhaustive or to limit the invention to theprecise form disclosed. Many modifications and variations are possiblein light of the above teaching.

1. A method for creating non-repudiation watermarking protection basedon public and private keys, comprising: (a) distributing media contentfront a content provider to a particular distribution entity selectedfrom a plurality of distribution entities, for subsequent distributionto one or more displaying entities separate from the content providerand distribution entities; (b) providing a nonce from the contentprovider to the particular distribution entity; (c) generating a publicand private key pair for the watermark at the particular distributionentity, wherein the private key of the pair is used by the particulardistribution entity to encrypt the nonce as a watermark key; (d)generating a watermarked copy of the media content at the particulardistribution entity using the watermark key; (e) transmitting the publickey of the pair from the particular distribution entity only to thecontent provider, wherein the public key is not shared with any otherentity; and (f) detecting the watermark in the watermarked media contentat the content provider by obtaining the watermarked copy of the mediacontent, extracting the watermark key therefrom, and decrypting thenonce from the extracted watermark key using the public key of the pair;(g) wherein the media content watermarked by the particular distributionentity is undeniably recognizable by the content provider as originatingwith that particular distribution entity from among all of the pluralityof distribution entities, thereby allowing the content provider to placea high degree of trust in an identification of the particulardistribution entity by means of the watermark.
 2. The method of claim 1,wherein the nonce is a pseudo-random value.
 3. The method of claim 1,wherein the nonce is provided to each distribution entity by the contentprovider at a specified granularity.
 4. The method of claim 3, whereinthe specified granularity is selected from a group comprising once permedia content, once per content provider, once per distribution entity,once per displaying entity, or once per presentation.
 5. The method ofclaim 1, wherein the transmitting step (e) comprises transmitting thepublic key of the pair from the distribution entity to the contentprovider, wherein the public key of the pair is signed by a private keyof the distribution entity.
 6. The method of claim 1, further comprisingtransmitting additional information to the content provider, wherein theadditional information allows the content provider to obtain thewatermark key from the watermarked media content.
 7. The method of claim1, further comprising transmitting the watermarked copy of the mediacontent to a displaying entity.
 8. An apparatus for creatingnon-repudiation watermarking protection based on public and privatekeys, comprising: (a) means, performed by a processor, for distributingmedia content from a content provider to a particular distributionentity selected from a plurality of distribution entities, forsubsequent distribution to one or more displaying entities separate fromthe content provider and distribution entities; (b) means, performed bya processor, for providing a nonce from the content provider to theparticular distribution entity; (c) means, performed by a processor, forgenerating a public and private key pair for the watermark at theparticular distribution entity, wherein the private key of the pair isused by the particular distribution entity to encrypt the nonce as awatermark key (d) means, performed by a processor, for generating awatermarked copy of the media content at the particular distributionentity using the watermark key; (e) means, performed by a processor, fortransmitting the public key of the pair from the particular distributionentity only to the content provider, wherein the public key is notshared with any other entity; and (f) means, performed by a processor,for detecting the watermark in the watermarked media content at thecontent provider by obtaining the watermarked copy of the media content,extracting the watermark key therefrom, and decrypting the nonce fromthe extracted watermark key using the public key of the pair; (g)wherein the media content watermarked by the particular distributionentity is undeniably recognizable by the content provider as originatingwith that particular distribution entity from among all of the pluralityof distribution entities, thereby allowing the content provider to placea high degree of trust in an identification of the particulardistribution entity by means of the watermark.
 9. The apparatus of claim8, wherein the nonce is a pseudo-random value.
 10. The apparatus ofclaim 8, wherein the nonce is provided to each distribution entity bythe content provider at a specified granularity.
 11. The apparatus ofclaim 10, wherein the specified granularity is selected from a groupcomprising once per media content, once per content provider, once perdistribution entity, once per displaying entity, or once perpresentation.
 12. The apparatus of claim 8, wherein the means fortransmitting (e) comprises means for transmitting the public key of thepair from the distribution entity to the content provider, wherein thepublic key of the pair is signed by a private key of the distributionentity.
 13. The apparatus of claim 8, further comprising means fortransmitting additional information to the content provider, wherein theadditional information allows the content provider to obtain thewatermark key from the watermarked media content.
 14. The apparatus ofclaim 8, further comprising means for transmitting the watermarked copyof the media content to a displaying entity.
 15. A method for creatingnon-repudiation watermarking protection based on public and privatekeys, comprising: (a) distributing media content to a particulardistribution entity selected from a plurality of distribution entities,for subsequent distribution to one or more displaying entities separatefrom the content provider and distribution entities; (b) providing anonce to the particular distribution entity, wherein the particulardistribution entity generates a public and private key pair for thewatermark, uses the private key of the pair to encrypt the nonce, andgenerates a watermarked copy of the media content using the watermarkkey; (c) receiving the public key of the pair from the particulardistribution entity only at the content provider, wherein the public keyis not shared with any other entity; and (d) detecting the watermark inthe watermarked copy of the media content by obtaining a copy of thewatermarked media content, extracting the watermark key therefrom, anddecrypting the nonce from the extracted watermark key using the publickey of the pair; (e) wherein the media content watermarked by theparticular distribution entity is undeniably recognizable by the contentprovider as originating with that particular distribution entity fromamong all of the plurality of distribution entities, thereby allowingthe content provider to place a high degree of trust in anidentification of the particular distribution entity by means of thewatermark.
 16. The method of claim 15, wherein the nonce is apseudo-random value.
 17. The method of claim 15, wherein the nonce isprovided to each distribution entity at a specified granularity.
 18. Themethod of claim 17, wherein the specified granularity is selected from agroup comprising once per media content, once per content provider, onceper distribution entity, once per displaying entity, or once perpresentation.
 19. The method of claim 15, wherein the receiving step (c)comprises receiving the public key of the pair from the distributionentity, wherein the public key of the pair is signed by a private key ofthe distribution entity.
 20. The method of claim 15, further comprisingreceiving additional information from the distribution entity, whereinthe additional information allows the watermark key to be located in thewatermarked copy of the media content.
 21. An apparatus for creatingnon-repudiation watermarking protection based on public and privatekeys, comprising: (a) means, performed by a processor, for distributingmedia content to a particular distribution entity selected from aplurality of distribution entities, for subsequent distribution to oneor more displaying entities separate from the content provider anddistribution entities; (b) means, performed by a processor, forproviding a nonce to the particular distribution entity, wherein theparticular distribution entity generates a public and private key pairfor the watermark, uses the private key of the pair to encrypt thenonce, and generates a watermarked copy of the media content using thewatermark key; (c) means, performed by a processor, for receiving thepublic key of the pair from the particular distribution entity only atthe content provider, wherein the public key is not shared with anyother entity; and (d) means, performed by a processor, for detecting thewatermark in the watermarked copy of the media content by obtaining acopy of the watermarked media content, extracting the watermark keytherefrom, and decrypting the nonce from the extracted watermark keyusing the public key of the pair; (e) wherein the media contentwatermarked by the particular distribution entity is undeniablyrecognizable by the content provider as originating with that particulardistribution entity from among all of the plurality of distributionentities, thereby allowing the content provider to place a high degreeof trust in an identification of the particular distribution entity bymeans of the watermark.
 22. The apparatus of claim 21, wherein the nonceis a pseudo-random value.
 23. The apparatus of claim 21, wherein thenonce is provided to each distribution entity at a specifiedgranularity.
 24. The apparatus of claim 23, wherein the specifiedgranularity is selected from a group comprising once per media content,once per content provider, once per distribution entity, once perdisplaying entity, or once per presentation.
 25. The apparatus of claim21, wherein the means for receiving (c) comprises means for receivingthe public key of the pair from the distribution entity, wherein thepublic key of the pair is signed by a private key of the distributionentity.
 26. The apparatus of claim 21, further comprising means forreceiving additional information from the distribution entity, whereinthe additional information allows the watermark key to be located in thewatermarked copy of the media content.
 27. A method for creatingnon-repudiation watermarking protection based on public and privatekeys, comprising: (a) receiving media content from a content provider ata particular distribution entity selected from a plurality ofdistribution entities, for subsequent distribution to one or moredisplaying entities separate from the content provider and distributionentities; (b) receiving a nonce from the content provider at theparticular distribution entity; (c) generating a public and private keypair at the particular distribution entity; (d) encrypting the nonce asa watermark key using the private key of the pair at the particulardistribution entity; (e) generating a watermarked copy of the mediacontent using the watermark key at the particular distribution entity;and (f) transmitting the public key of the pair only to the contentprovider from the particular distribution entity, wherein the public keyis not shared with any other entity; (g) wherein the media contentwatermarked by the particular distribution entity is undeniablyrecognizable by the content provider as originating with that particulardistribution entity from among all of the plurality of distributionentities, thereby allowing the content provider to place a high degreeof trust in an identification of the particular distribution entity bymeans of the watermark.
 28. The method of claim 27, wherein the nonce isa pseudo-random value.
 29. The method of claim 27, wherein the nonce isprovided by the content provider at a specified granularity.
 30. Themethod of claim 29, wherein the specified granularity is selected from agroup comprising once per media content, once per content provider, onceper distribution entity, once per displaying entity, or once perpresentation.
 31. The method of claim 27, wherein the transmitting step(f) comprises transmitting the public key of the pair to the contentprovider, wherein the public key of the pair is signed by a private keyof the distribution entity.
 32. The method of claim 27, furthercomprising transmitting additional information to the content provider,wherein the additional information allows the content provider to locatethe watermark key in the watermarked copy of the media content.
 33. Themethod of claim 27, further comprising transmitting the watermarked copyof the media content to a displaying entity.
 34. An apparatus forcreating non-repudiation watermarking protection based on public andprivate keys, comprising: (a) means, performed by a processor, forreceiving media content from a content provider at a particulardistribution entity selected from a plurality of distribution entities,for subsequent distribution to one or more displaying entities separatefrom the content provider and distribution entities; (b) means,performed by a processor, for receiving a nonce from the contentprovider at the particular distribution entity; (c) means, performed bya processor, for generating a public and private key pair at theparticular distribution entity; (d) means, performed by a processor, forencrypting the nonce as a watermark key using the private key of thepair at the particular distribution entity; (e) means, performed by aprocessor, for generating a watermarked copy of the media content usingthe watermark key at the particular distribution entity; and (f) means,performed by a processor, for transmitting the public key of the paironly to the content provider from the particular distribution entity,wherein the public key is not shared with any other entity; (g) whereinthe media content watermarked by the particular distribution entity isundeniably recognizable by the content provider as originating with thatparticular distribution entity from among all of the plurality ofdistribution entities, thereby allowing the content provider to place ahigh degree of trust in an identification of the particular distributionentity by means of the watermark.
 35. The apparatus of claim 34, whereinthe nonce is a pseudo-random value.
 36. The apparatus of claim 34,wherein the nonce is provided by the content provider at a specifiedgranularity.
 37. The apparatus of claim 36, wherein the specifiedgranularity is selected from a group comprising once per media content,once per content provider, once per distribution entity, once perdisplaying entity, or once per presentation.
 38. The apparatus of 34,wherein the means for transmitting (f) comprises means for transmittingthe public key of the pair to the content provider, wherein the publickey of the pair is signed by a private key of the distribution entity.39. The apparats of claim 34, further comprising means for transmittingadditional information to the content provider, wherein the additionalinformation allows the content provider to locate the watermark key inthe watermarked copy of the media content.
 40. The apparatus of claim34, further comprising means for transmitting the watermarked copy ofthe media content to a displaying entity.